Ghost/core/server/services/settings/settings-bread-service.js

const tpl = require('@tryghost/tpl');
const {NotFoundError, NoPermissionError} = require('@tryghost/errors');

const messages = {
    problemFindingSetting: 'Problem finding setting: {key}',
    accessCoreSettingFromExtReq: 'Attempted to access core setting from external request'
};

// The string returned when a setting is set as write-only
const obfuscatedSetting = '••••••••';

// The function used to decide whether a setting is write-only
function isSecretSetting(setting) {
    return /secret/.test(setting.key);
}

// The function that obfuscates a write-only setting
function hideValueIfSecret(setting) {
    if (setting.value && isSecretSetting(setting)) {
        return {...setting, value: obfuscatedSetting};
    }
    return setting;
}

class SettingsBREADService {
    /**
     *
     * @param {Object} options
     * @param {Object} options.settingsCache - SettingsCache instance
     */
    constructor({settingsCache}) {
        this.settingsCache = settingsCache;
    }

    /**
     *
     * @param {String} key setting key
     * @param {Object} [context] API context instance
     * @returns {Object} an object with a filled out key that comes in a parameter
     */
    read(key, context) {
        let setting;

        if (key === 'slack') {
            const slackURL = this.settingsCache.get('slack_url', {resolve: false});
            const slackUsername = this.settingsCache.get('slack_username', {resolve: false});

            setting = slackURL || slackUsername;
            setting.key = 'slack';
            setting.value = [{
                url: slackURL && slackURL.value,
                username: slackUsername && slackUsername.value
            }];
        } else {
            setting = this.settingsCache.get(key, {resolve: false});
        }

        if (!setting) {
            return Promise.reject(new NotFoundError({
                message: tpl(messages.problemFindingSetting, {
                    key: key
                })
            }));
        }

        // @TODO: handle in settings model permissible fn
        if (setting.group === 'core' && !(context && context.internal)) {
            return Promise.reject(new NoPermissionError({
                message: tpl(messages.accessCoreSettingFromExtReq)
            }));
        }

        setting = hideValueIfSecret(setting);

        return {
            [key]: setting
        };
    }
}

module.exports = SettingsBREADService;
Removed method complexity in settings API controller refs https://github.com/TryGhost/Team/issues/694 refs https://linear.app/tryghost/issue/CORE-13 - The controller code is not meant to contain complex business logic. Reduced complexity in the settings.read method - Broke the usual "xxxService" naming pattern here in favor of "xxxBREADService" pattern that members package has been experimenting with recently (https://github.com/TryGhost/Members/blob/0469707f2e97c0edb18cea3d3486b7939182d55f/packages/members-api/lib/services/member-bread.js#L25). This naming choice was made because we already had a "SettingsService" and it would've become quite convoluted distinguishing the naming or doing renames for the sake of having a new temporary location for read/edit/add methods - Also duplicated `hideValueIfSecret` method code with an intention to move it fully into the BREAD service once the refactoring is completed 2021-09-20 16:40:34 +03:00			`const tpl = require('@tryghost/tpl');`
			`const {NotFoundError, NoPermissionError} = require('@tryghost/errors');`

			`const messages = {`
			`problemFindingSetting: 'Problem finding setting: {key}',`
			`accessCoreSettingFromExtReq: 'Attempted to access core setting from external request'`
			`};`

			`// The string returned when a setting is set as write-only`
			`const obfuscatedSetting = '••••••••';`

			`// The function used to decide whether a setting is write-only`
			`function isSecretSetting(setting) {`
			`return /secret/.test(setting.key);`
			`}`

			`// The function that obfuscates a write-only setting`
			`function hideValueIfSecret(setting) {`
			`if (setting.value && isSecretSetting(setting)) {`
			`return {...setting, value: obfuscatedSetting};`
			`}`
			`return setting;`
			`}`

			`class SettingsBREADService {`
			`/**`
			`*`
			`* @param {Object} options`
			`* @param {Object} options.settingsCache - SettingsCache instance`
			`*/`
			`constructor({settingsCache}) {`
			`this.settingsCache = settingsCache;`
			`}`

			`/**`
			`*`
			`* @param {String} key setting key`
			`* @param {Object} [context] API context instance`
			`* @returns {Object} an object with a filled out key that comes in a parameter`
			`*/`
			`read(key, context) {`
			`let setting;`

			`if (key === 'slack') {`
			`const slackURL = this.settingsCache.get('slack_url', {resolve: false});`
			`const slackUsername = this.settingsCache.get('slack_username', {resolve: false});`

			`setting = slackURL \|\| slackUsername;`
			`setting.key = 'slack';`
			`setting.value = [{`
			`url: slackURL && slackURL.value,`
			`username: slackUsername && slackUsername.value`
			`}];`
			`} else {`
			`setting = this.settingsCache.get(key, {resolve: false});`
			`}`

			`if (!setting) {`
			`return Promise.reject(new NotFoundError({`
			`message: tpl(messages.problemFindingSetting, {`
			`key: key`
			`})`
			`}));`
			`}`

			`// @TODO: handle in settings model permissible fn`
			`if (setting.group === 'core' && !(context && context.internal)) {`
			`return Promise.reject(new NoPermissionError({`
			`message: tpl(messages.accessCoreSettingFromExtReq)`
			`}));`
			`}`

			`setting = hideValueIfSecret(setting);`

			`return {`
			`[key]: setting`
			`};`
			`}`
			`}`

			`module.exports = SettingsBREADService;`